package com.example.custsecurity.security.filter;

import com.alibaba.fastjson.JSONObject;
import com.example.custsecurity.security.jwt.CustJwtService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;

/*
* BasicAuthenticationFilter：基础认证过滤器  每一次请求都会执行
* */
@Slf4j
public class VerifyJWTTokenFilter extends BasicAuthenticationFilter {

    private AuthenticationManager authenticationManager;
    private CustJwtService custJwtService;

    public VerifyJWTTokenFilter(CustJwtService custJwtService,AuthenticationManager authenticationManager) {
        super(authenticationManager);
        this.authenticationManager = authenticationManager;
        this.custJwtService = custJwtService;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {

        String url = request.getServletPath();

//        如果是根路径(登陆页面请求路径)或匿名则通行，允许访问路径
        if("/".equals(url)||"/smile".equals(url)){
            chain.doFilter(request,response);
        }else {

            String head_token = request.getHeader("Authentication");

            if (head_token==null){
                response.setCharacterEncoding("utf-8");
                response.setContentType("application/json;charset=utf-8");
                PrintWriter pw = response.getWriter();

                JSONObject jsonObject = new JSONObject();
                jsonObject.put("code",HttpServletResponse.SC_FORBIDDEN);
                jsonObject.put("token",head_token);
                jsonObject.put("msg","token没有携带");

                pw.print(jsonObject);
                pw.flush();
                pw.close();
            }else {
                Map<String, Object> map = null;
                try {
                    map = this.custJwtService.verifyJWTToken(head_token);
                    super.doFilterInternal(request, response, chain);
                } catch (RuntimeException e) {
                    response.setCharacterEncoding("utf-8");
                    response.setContentType("application/json;charset=utf-8");
                    PrintWriter pw = response.getWriter();

                    JSONObject jsonObject = new JSONObject();
                    jsonObject.put("code",HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
                    jsonObject.put("msg","token令牌失效");

                    pw.print(jsonObject);
                    pw.flush();
                    pw.close();
                }
            }



        }

//        super.doFilterInternal(request, response, chain);
    }
}
